/*
 *  Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 *
 *  WSO2 Inc. licenses this file to you under the Apache License,
 *  Version 2.0 (the "License"); you may not use this file except
 *  in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.wso2.carbon.apimgt.keymgt.service;

import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.keymgt.events.RevocationRequestPublisher;

/**
 * API Key revocation service implementation
 */
public class APIKeyRevokeServiceImpl implements APIKeyRevokeService {
    private RevocationRequestPublisher revocationRequestPublisher = null;
    private ApiMgtDAO dao = null;
    private static APIKeyRevokeService apiKeyRevokeService;

    private APIKeyRevokeServiceImpl() {
        revocationRequestPublisher = RevocationRequestPublisher.getInstance();
        dao = ApiMgtDAO.getInstance();
    }

    public static synchronized APIKeyRevokeService getInstance() {
        if (apiKeyRevokeService == null) {
            apiKeyRevokeService = new APIKeyRevokeServiceImpl();
        }
        return apiKeyRevokeService;
    }

    public void revokeAPIKey(String token, long expiryTime, int tenantId)
                                                                    throws APIManagementException {
        if (APIUtil.isValidJWT(token)) {
            String splitToken[] = token.split("\\.");
            dao.addRevokedJWTSignature(splitToken[2], APIConstants.API_KEY_AUTH_TYPE, expiryTime, tenantId);
            revocationRequestPublisher.publishRevocationEvents(token, expiryTime, null);
        }
    }

}
